Investigate how Cargo links to OpenSSL and whether we need to release updates

[emilyalbini]

We need to investigate how Cargo links to OpenSSL in our builds. If it statically links OpenSSL we'll have to make sure we release updates whenever a new OpenSSL vulnerability is discovered.

[skade]

We also need to check how much we cover cargo in general.

[Hoverbear]

Don't think this is relevant anymore, closing.